IETF Logo Mail Archive

Re: [kitten] Pending draft 15 Re: sasl-oauth "user" as a kvpair or in the gs2 header?

Sam Hartman <hartmans-ietf@mit.edu> Mon, 17 March 2014 22:20 UTC

Return-Path: <hartmans@mit.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B54921A063D for <kitten@ietfa.amsl.com>; Mon, 17 Mar 2014 15:20:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3ebAMCB2cGwN for <kitten@ietfa.amsl.com>; Mon, 17 Mar 2014 15:20:42 -0700 (PDT)
Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) by ietfa.amsl.com (Postfix) with ESMTP id 945771A063A for <kitten@ietf.org>; Mon, 17 Mar 2014 15:20:42 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.painless-security.com (Postfix) with ESMTP id 0D7FE206BD; Mon, 17 Mar 2014 18:20:27 -0400 (EDT)
Received: from mail.painless-security.com ([127.0.0.1]) by localhost (mail.suchdamage.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 75LkNY34i6qv; Mon, 17 Mar 2014 18:20:26 -0400 (EDT)
Received: from carter-zimmerman.suchdamage.org (unknown [10.1.10.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.painless-security.com (Postfix) with ESMTPS; Mon, 17 Mar 2014 18:20:26 -0400 (EDT)
Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id 7A62E83E50; Mon, 17 Mar 2014 18:20:32 -0400 (EDT)
From: Sam Hartman <hartmans-ietf@mit.edu>
To: Nico Williams <nico@cryptonector.com>
References: <1393869321.174.YahooMailNeo@web125602.mail.ne1.yahoo.com> <tslr46j2kbm.fsf@mit.edu> <1393875779.29082.YahooMailNeo@web125604.mail.ne1.yahoo.com> <tsld2i21j7u.fsf@mit.edu> <1393926562.54403.YahooMailNeo@web125603.mail.ne1.yahoo.com> <1393948558.69282.YahooMailNeo@web125602.mail.ne1.yahoo.com> <CAPe4Cjoh7n-cQAuy17MWs66wigqTQvGBVVtEJ0_3zjaSg-5JmQ@mail.gmail.com> <1394650561.77489.YahooMailNeo@web142801.mail.bf1.yahoo.com> <1394833947.5753.YahooMailNeo@web142802.mail.bf1.yahoo.com> <CAK3OfOhr0ksktckcBK5UG7OYb4-Z=QP6DXCcyArk6A3qVWK3gA@mail.gmail.com> <53275BC1.50808@cisco.com> <1395090919.78935.YahooMailNeo@web142806.mail.bf1.yahoo.com> <CAK3OfOiQeZXs4iBP2C3WyZ4y69ejA3QG2fv8ne3C99PJNRySNQ@mail.gmail.com>
Date: Mon, 17 Mar 2014 18:20:32 -0400
In-Reply-To: <CAK3OfOiQeZXs4iBP2C3WyZ4y69ejA3QG2fv8ne3C99PJNRySNQ@mail.gmail.com> (Nico Williams's message of "Mon, 17 Mar 2014 16:27:12 -0500")
Message-ID: <tslzjkov55b.fsf@mit.edu>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/4asTCR2U-yIPaxjrSX201TZNEwk
Cc: "kitten@ietf.org" <kitten@ietf.org>, Bill Mills <wmills@yahoo-inc.com>, Sam Hartman <hartmans-ietf@mit.edu>
Subject: Re: [kitten] Pending draft 15 Re: sasl-oauth "user" as a kvpair or in the gs2 header?
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Mar 2014 22:20:43 -0000

>>>>> "Nico" == Nico Williams <nico@cryptonector.com> writes:

    Nico> On Mon, Mar 17, 2014 at 4:15 PM, Bill Mills <wmills_92105@yahoo.com> wrote:
    >> OK, so given Google's extant implementation, if we change it to
    >> SHOULD the MUST is implicit and the de facto standard anyway if
    >> you want it to work with Google.

    Nico> No need to say either MUST nor SHOULD.  Instead you might want
    Nico> to note that in common usage of this mechanism the server
    Nico> tends to require that the client send an authz-id.

what bill described to me was not authz ID.
It was a routing hint that was a lot closer to an in-mechanism
authentication ID.

v2.29.0 | Report a Bug | By Email | System Status